﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
//using KingRoad.EPM.InvestmeEntity;
using KingRoad.EPM.Web.ViewModels;
using DotNet.Service;

namespace KingRoad.EPM.Web.Util.Filter
{
    /// <summary>
    /// 授权过滤器
    /// 
    /// ThinkWang
    /// 2014-2-27
    /// </summary>
    public class AuthorizeFilter : IAuthorizationFilter
    {

        /// <summary>
        /// 在执行操作方法之前调用
        /// </summary>
        /// <param name="filterContext"></param>
        public void OnAuthorization(AuthorizationContext filterContext)
        {
            if (filterContext == null)
            {
                throw new ArgumentNullException("filterContext");
            }

            var authorizeType = new AuthorizeTypeAttribute();

            #region 当前action是否需要进行权限判断
            string strArea = (filterContext.RouteData.Values["area"] ?? filterContext.RouteData.DataTokens["area"] ?? "").ToString();
            string strController = (filterContext.RouteData.Values["controller"] ?? filterContext.RouteData.DataTokens["controller"] ?? "").ToString();
            string strAction = (filterContext.RouteData.Values["action"] ?? filterContext.RouteData.DataTokens["action"] ?? "").ToString();

            var controller = ControllerBuilder.Current.GetControllerFactory().CreateController(filterContext.RequestContext, strController);
            object[] objs = controller.GetType().GetCustomAttributes(typeof(AuthorizeTypeAttribute), true);
            if (objs != null && objs.Length > 0)
            {//controller上有标记
                authorizeType = objs[0] as AuthorizeTypeAttribute;
            }
            else
            {
                objs = controller.GetType().GetMethods().First(x => x.Name.ToLower() == strAction.ToLower()).GetCustomAttributes(typeof(AuthorizeTypeAttribute), true);
                if (objs != null && objs.Length > 0)
                {//action上有标记，
                    authorizeType = objs[0] as AuthorizeTypeAttribute;
                }
            }
            #endregion

            if (!authorizeType.NeedLogin)
                return;

            if (UserService.CurrUserInfo == null)
            { //如果登录超时 或未登录
                #region 登录超时 或未登录
                if (filterContext.HttpContext.Request.IsAjaxRequest())
                { //如果是ajax操作，返回登录超时 json数据
                    var callback = new CallbackStatus();
                    callback.statusCode = "301";
                    callback.message = "登录超时,请重新登录!";

                    var jsonResult = new JsonResult();
                    jsonResult.Data = callback;
                    jsonResult.JsonRequestBehavior = JsonRequestBehavior.AllowGet;
                    filterContext.Result = jsonResult;
                }
                else
                { //如果是直接访问页面的操作 ，跳转到登陆页
                    var redirect = new RedirectResult("/");
                    filterContext.Result = redirect;
                }
                #endregion
            }
            else
            { // 如果登录了，判断是否有此action的操作权限
                
                return;//暂未启用，需要模块的编码符合规范
                #region 判断有没有权限
                //var routeData = filterContext.RouteData.Values;
                //  var authCode = string.Format("{0}.{1}.{2}", routeData["area"], routeData["controller"], routeData["action"]);
                //  if (!ServiceManager.Instance.UserService.IsIsAuthorized(authCode))
                //  { // 如果没有权限
                //      if (filterContext.HttpContext.Request.IsAjaxRequest())
                //      { //如果是ajax操作，返回无权限提示json
                //          var callback = new CallbackStatus();
                //          callback.statusCode = "300";
                //          callback.message = "无操作权限，请与管理员联系!";

                //          var jsonResult = new JsonResult();
                //          jsonResult.Data = callback;
                //          jsonResult.JsonRequestBehavior = JsonRequestBehavior.AllowGet;
                //          filterContext.Result = jsonResult;
                //      }
                //      else
                //      { //如果是直接访问页面的操作 ，跳转到无权限提示页面
                //          var view = new ViewResult();
                //          view.ViewName = "~/Views/Shared/NoAuthorize.cshtml";
                //          filterContext.Result = view;
                //      }
                //  }
            #endregion
            }

        }

        /// <summary>
        /// 在执行操作方法后调用
        /// </summary>
        /// <param name="filterContext"></param>
        public  void OnActionExecuted(ActionExecutedContext filterContext)
        {
            return;
        }
    }
}